so-gr3at3.com Open in urlscan Pro
136.243.249.75 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kruff.quizoracle.com/
Effective URL:
https://so-gr3at3.com/go/1274244
Submission: On November 09 via api (November 9th 2024, 4:26:21 am UTC) from US — Scanned from IT

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 12 HTTP transactions. The main IP is 136.243.249.75, located in Eitensheim, Germany and belongs to HETZNER-AS, DE. The main domain is so-gr3at3.com. The Cisco Umbrella rank of the primary domain is 301396.
TLS certificate: Issued by R10 on September 22nd 2024. Valid for: 3 months.

This is the only time so-gr3at3.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	172.67.213.2 172.67.213.2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	157.90.33.72 157.90.33.72	24940 (HETZNER-AS) (HETZNER-AS)
2	23.88.8.123 23.88.8.123	24940 (HETZNER-AS) (HETZNER-AS)
1	136.243.249.75 136.243.249.75	24940 (HETZNER-AS) (HETZNER-AS)
12	5

5 172.67.213.2 (United States)

ASN13335 (CLOUDFLARENET, US)

kruff.quizoracle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.90.33.72 (Ismaning, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: sub2.1push.io

sdk4push.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.88.8.123 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: eu7.1push.io

uidsync.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.249.75 (Eitensheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: dracula-bak.1push.io

so-gr3at3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	quizoracle.com kruff.quizoracle.com	12 KB
3	sdk4push.com sdk4push.com — Cisco Umbrella Rank: 153238	16 KB
2	uidsync.net uidsync.net — Cisco Umbrella Rank: 55054	712 B
1	so-gr3at3.com so-gr3at3.com — Cisco Umbrella Rank: 301396	377 B
12	4

	Domain	Requested by
5	kruff.quizoracle.com	kruff.quizoracle.com
3	sdk4push.com	kruff.quizoracle.com sdk4push.com
2	uidsync.net	sdk4push.com
1	so-gr3at3.com	kruff.quizoracle.com
12	4

This site contains no links.

Subject Issuer	Validity	Valid
quizoracle.com WE1	`2024-09-22` - `2024-12-21`	3 months	crt.sh
sdk4push.com R10	`2024-10-07` - `2025-01-05`	3 months	crt.sh
uidsync.net Sectigo RSA Domain Validation Secure Server CA	`2023-12-30` - `2025-01-29`	a year	crt.sh
so-gr3at3.com R10	`2024-09-22` - `2024-12-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://so-gr3at3.com/go/1274244
Frame ID: 6F5F0550BC800D80A1348EF7B1CCCB29
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://kruff.quizoracle.com/ HTTP 307
https://kruff.quizoracle.com/ Page URL
https://so-gr3at3.com/go/1274244 Page URL

Page Statistics

12
Requests

92 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

28 kB
Transfer

76 kB
Size

Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kruff.quizoracle.com/ HTTP 307
https://kruff.quizoracle.com/ Page URL
https://so-gr3at3.com/go/1274244 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://kruff.quizoracle.com/ HTTP 307
https://kruff.quizoracle.com/

Request Chain 7

https://kruff.quizoracle.com/favicon.ico HTTP 301
https://kruff.quizoracle.com/favicon.ico HTTP 301
https://kruff.quizoracle.com/favicon.ico HTTP 301
https://kruff.quizoracle.com/favicon.ico HTTP 301
https://kruff.quizoracle.com/favicon.ico HTTP 301
https://kruff.quizoracle.com/favicon.ico HTTP 301
https://kruff.quizoracle.com/favicon.ico HTTP 301
https://kruff.quizoracle.com/favicon.ico HTTP 301
https://kruff.quizoracle.com/favicon.ico HTTP 301
https://kruff.quizoracle.com/favicon.ico HTTP 301
https://kruff.quizoracle.com/favicon.ico HTTP 301
https://kruff.quizoracle.com/favicon.ico HTTP 301
https://kruff.quizoracle.com/favicon.ico HTTP 301
https://kruff.quizoracle.com/favicon.ico HTTP 301
https://kruff.quizoracle.com/favicon.ico HTTP 301
https://kruff.quizoracle.com/favicon.ico HTTP 301
https://kruff.quizoracle.com/favicon.ico HTTP 301
https://kruff.quizoracle.com/favicon.ico HTTP 301
https://kruff.quizoracle.com/favicon.ico HTTP 301
https://kruff.quizoracle.com/favicon.ico HTTP 301
https://kruff.quizoracle.com/favicon.ico

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
kruff.quizoracle.com/
Redirect Chain

http://kruff.quizoracle.com/
https://kruff.quizoracle.com/

11 KB
3 KB

1116ms
271ms

Document
text/html

172.67.213.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kruff.quizoracle.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.213.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21d8ecee5a978bbff2dbc8b648dd16cd25d4005cea79b8c1e3b79f3512c14342

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8dfb0b22e871bb09-MXP
content-encoding: zstd
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Sat, 09 Nov 2024 04:26:14 GMT
last-modified: Fri, 08 Nov 2024 19:28:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u4QMpLneWHV3rD4Mmt%2B2f%2BzHa3G2NguPUaT729DlPCbbLEK%2BCcEmjVt2QVOSWz7rZRvNMTaZFK0XhZqCXKV4cZ6Xp%2BDcPvvqyuYgx8zg2%2BJoSKDW1eDiAKeBadBx1qaO0njbI695LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=19403&sent=8&recv=9&lost=0&retrans=0&sent_bytes=3949&recv_bytes=2261&delivery_rate=197920&cwnd=253&unsent_bytes=0&cid=3cf3e0c03c39f8af&ts=362&x=0"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: EXPIRED
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block

Redirect headers

Location: https://kruff.quizoracle.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 d054c3677f8a7dfb4909694bd3d44fe3c966feb7.png
kruff.quizoracle.com/ 1 KB
2 KB 112ms
91ms Image
image/png 172.67.213.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kruff.quizoracle.com/d054c3677f8a7dfb4909694bd3d44fe3c966feb7.png

Requested by

Host: kruff.quizoracle.com
URL: https://kruff.quizoracle.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.213.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91e3c6933a7bb8d8b6dda3c79929ee75074e236f9f462cce6a67518f130176e4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kruff.quizoracle.com/

Response headers

cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GVrLbjiNyxHIaK%2FB3hKObstlX0KvLtKSgbAnEAUIwc3wLmqH0901CWxpgoC%2BFa2%2BrdOAUYONiUALHbxwsAjiFAv3GjVas0WK%2FQRJif%2BEk9fMj64VLs1JskO2bLy%2Fja2yhVp6sWcVfg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 07 Jan 2025 19:28:23 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=28801&sent=18&recv=14&lost=0&retrans=0&sent_bytes=8421&recv_bytes=2559&delivery_rate=197920&cwnd=254&unsent_bytes=0&cid=3cf3e0c03c39f8af&ts=1023&x=0"
date: Sat, 09 Nov 2024 04:26:15 GMT
content-type: image/png
last-modified: Fri, 08 Nov 2024 19:28:19 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: max-age=16070400
x-server-powered-by: Engintron
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dfb0b271b5cbb09-MXP
accept-ranges: bytes
content-length: 1164
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare

GET
H2 200 3504c702e5415b9be5ffc86df2d344ac2423791b.svg
kruff.quizoracle.com/ 6 KB
1008 B 109ms
89ms Image
image/svg+xml 172.67.213.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kruff.quizoracle.com/3504c702e5415b9be5ffc86df2d344ac2423791b.svg

Requested by

Host: kruff.quizoracle.com
URL: https://kruff.quizoracle.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.213.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb8a0ed74bffa5df7bf3604c89533f37564cfc9a74f3203183ab8e693ef6a0cc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kruff.quizoracle.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hJWaP2YntRdHGoRbldWJeX3YCs6t0prIjWTbuIA6wpwaVdXM4qtRJkC%2F2BCsyoCtFCmplCAi%2FSg4haxRtOxPTr7nIlwDxgiUwarD%2BF0WMvrNyPUej6IA7MWd7GBoLPlaO4It%2F3uRgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 07 Jan 2025 19:28:23 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=28801&sent=15&recv=14&lost=0&retrans=0&sent_bytes=7347&recv_bytes=2559&delivery_rate=197920&cwnd=254&unsent_bytes=0&cid=3cf3e0c03c39f8af&ts=1023&x=0"
date: Sat, 09 Nov 2024 04:26:15 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Fri, 08 Nov 2024 19:28:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: max-age=16070400
x-server-powered-by: Engintron
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dfb0b271b5ebb09-MXP
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare

GET
H2 200 268046a1f4770ede446604421b6cddf9dc69a3a4.png
kruff.quizoracle.com/ 5 KB
5 KB 93ms
92ms Image
image/png 172.67.213.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kruff.quizoracle.com/268046a1f4770ede446604421b6cddf9dc69a3a4.png

Requested by

Host: kruff.quizoracle.com
URL: https://kruff.quizoracle.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.213.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbd3581760a2c247a398e3219062073c803138877af6319671d7a0d7002b5bf6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kruff.quizoracle.com/

Response headers

cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ePszpR7pVDWCIHE%2FSDhG3dv1Er7vFN8zpcvnd3sOnuGfERAupJMjU5KAUwmib4MUB1ZUrx1unB4dRcAcH%2BU6cpkSaDCaMFNJGT6Gbsq97ycAwMDNX9idZh3%2BXXlKFpd81Qd7bWpUdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 07 Jan 2025 19:28:23 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=23860&sent=23&recv=22&lost=0&retrans=0&sent_bytes=10087&recv_bytes=2723&delivery_rate=378972&cwnd=254&unsent_bytes=0&cid=3cf3e0c03c39f8af&ts=1375&x=0"
date: Sat, 09 Nov 2024 04:26:15 GMT
content-type: image/png
last-modified: Fri, 08 Nov 2024 19:28:19 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: max-age=16070400
x-server-powered-by: Engintron
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dfb0b294c89bb09-MXP
accept-ranges: bytes
content-length: 4921
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare

GET
H2 200 c041fb33055c52060f8295cec7c1717d206ba952.svg
kruff.quizoracle.com/ 242 B
603 B 117ms
117ms Image
image/svg+xml 172.67.213.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kruff.quizoracle.com/c041fb33055c52060f8295cec7c1717d206ba952.svg

Requested by

Host: kruff.quizoracle.com
URL: https://kruff.quizoracle.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.213.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52925a71efa34a12bf7e3c9e846a7539bc48c86f8501e9d64f7225b3a85e3609

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kruff.quizoracle.com/

Response headers

content-encoding: zstd
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gqyo%2BSaWXP00tkjgAvz6fCF2oGtacCz3AhrtY3ONb5%2Fxr%2FBLN0zk4w8BhYMReCfu1JR6n8ujVAbKxBkT%2BaDtIUxUcvm6bVRPUIresRjv42XDos%2BJHX25K0Do9l64amrJaLeSdCDz%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 07 Jan 2025 19:28:23 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=22116&sent=30&recv=26&lost=0&retrans=0&sent_bytes=15562&recv_bytes=2723&delivery_rate=454985&cwnd=254&unsent_bytes=0&cid=3cf3e0c03c39f8af&ts=1398&x=0"
date: Sat, 09 Nov 2024 04:26:15 GMT
content-type: image/svg+xml
last-modified: Fri, 08 Nov 2024 19:28:19 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
cache-control: max-age=16070400
x-server-powered-by: Engintron
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dfb0b297c95bb09-MXP
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
server: cloudflare

GET
H2 200 sdk.js Show response
sdk4push.com/f/ 53 KB
15 KB 712ms
117ms Script
application/javascript 157.90.33.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk4push.com/f/sdk.js?z=1274241
Requested by: Host: kruff.quizoracle.com
URL: https://kruff.quizoracle.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.33.72 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: sub2.1push.io
Software: Angie /
Resource Hash: f3d7f4e228e094cb0bfa58d89b651b879602807366787d4ba3b9af0b357af34c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kruff.quizoracle.com/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate
content-length: 14985
content-encoding: gzip
date: Sat, 09 Nov 2024 04:26:16 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: Angie

POST
H2 200 event
sdk4push.com/ 0
531 B 63ms
62ms Ping
text/plain 157.90.33.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk4push.com/event?z=1274241
Requested by: Host: sdk4push.com
URL: https://sdk4push.com/f/sdk.js?z=1274241
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.33.72 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: sub2.1push.io
Software: Angie /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://kruff.quizoracle.com/

Response headers

access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma: no-cache
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 11 Jan 1994 00:00:00 GMT
access-control-allow-origin: https://kruff.quizoracle.com
content-length: 0
date: Sat, 09 Nov 2024 04:26:16 GMT
server: Angie
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token

GET

favicon.ico
kruff.quizoracle.com/
Redirect Chain

https://kruff.quizoracle.com/favicon.ico
https://kruff.quizoracle.com/favicon.ico
https://kruff.quizoracle.com/favicon.ico
https://kruff.quizoracle.com/favicon.ico
https://kruff.quizoracle.com/favicon.ico
https://kruff.quizoracle.com/favicon.ico
https://kruff.quizoracle.com/favicon.ico
https://kruff.quizoracle.com/favicon.ico
https://kruff.quizoracle.com/favicon.ico
https://kruff.quizoracle.com/favicon.ico
https://kruff.quizoracle.com/favicon.ico
https://kruff.quizoracle.com/favicon.ico
https://kruff.quizoracle.com/favicon.ico
https://kruff.quizoracle.com/favicon.ico
https://kruff.quizoracle.com/favicon.ico
https://kruff.quizoracle.com/favicon.ico
https://kruff.quizoracle.com/favicon.ico
https://kruff.quizoracle.com/favicon.ico
https://kruff.quizoracle.com/favicon.ico
https://kruff.quizoracle.com/favicon.ico
https://kruff.quizoracle.com/favicon.ico

0
0

GET
H2 200 sync Show response
uidsync.net/ 62 B
712 B 173ms
34ms Fetch
application/json 23.88.8.123
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://uidsync.net/sync?user_id=8qmrxF7Y8tZHhm164XCdP8
Requested by: Host: sdk4push.com
URL: https://sdk4push.com/f/sdk.js?z=1274241
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.88.8.123 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: eu7.1push.io
Software: Angie /
Resource Hash: 46537890ac71857be61cc4194442f6ff7f0ab8d890737a165b7056e45564529d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://kruff.quizoracle.com/

Response headers

access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma: no-cache
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 11 Jan 1994 00:00:00 GMT
access-control-allow-origin: https://kruff.quizoracle.com
content-length: 62
date: Sat, 09 Nov 2024 04:26:17 GMT
content-type: application/json; charset=utf-8
server: Angie
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token

OPTIONS
H2 204 sync
uidsync.net/ 0
0 240ms
52ms Preflight 23.88.8.123
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://uidsync.net/sync?user_id=8qmrxF7Y8tZHhm164XCdP8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.88.8.123 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: eu7.1push.io
Software: Angie /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://kruff.quizoracle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://kruff.quizoracle.com
access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
date: Sat, 09 Nov 2024 04:26:17 GMT
expires: Tue, 11 Jan 1994 00:00:00 GMT
pragma: no-cache
server: Angie

POST
H2 200 event
sdk4push.com/ 0
532 B 172ms
69ms Ping
text/plain 157.90.33.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk4push.com/event?z=1274241
Requested by: Host: sdk4push.com
URL: https://sdk4push.com/f/sdk.js?z=1274241
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.33.72 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: sub2.1push.io
Software: Angie /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://kruff.quizoracle.com/

Response headers

access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma: no-cache
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Tue, 11 Jan 1994 00:00:00 GMT
access-control-allow-origin: https://kruff.quizoracle.com
content-length: 0
date: Sat, 09 Nov 2024 04:26:18 GMT
server: Angie
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token

GET
H2 200 Primary Request 1274244
so-gr3at3.com/go/ 31 B
377 B 193ms
47ms Document
text/html 136.243.249.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://so-gr3at3.com/go/1274244
Requested by: Host: kruff.quizoracle.com
URL: https://kruff.quizoracle.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.249.75 Eitensheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dracula-bak.1push.io
Software: nginx /
Resource Hash

Request headers

Referer: https://kruff.quizoracle.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 09 Nov 2024 04:26:18 GMT
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: kruff.quizoracle.com
URL: https://kruff.quizoracle.com/favicon.ico

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://kruff.quizoracle.com/favicon.ico Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

kruff.quizoracle.com
sdk4push.com
so-gr3at3.com
uidsync.net
kruff.quizoracle.com
136.243.249.75
157.90.33.72
172.67.213.2
23.88.8.123
21d8ecee5a978bbff2dbc8b648dd16cd25d4005cea79b8c1e3b79f3512c14342
46537890ac71857be61cc4194442f6ff7f0ab8d890737a165b7056e45564529d
52925a71efa34a12bf7e3c9e846a7539bc48c86f8501e9d64f7225b3a85e3609
91e3c6933a7bb8d8b6dda3c79929ee75074e236f9f462cce6a67518f130176e4
cbd3581760a2c247a398e3219062073c803138877af6319671d7a0d7002b5bf6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f3d7f4e228e094cb0bfa58d89b651b879602807366787d4ba3b9af0b357af34c
fb8a0ed74bffa5df7bf3604c89533f37564cfc9a74f3203183ab8e693ef6a0cc

so-gr3at3.com Open in urlscan Pro 136.243.249.75 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

12 Requests

92 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

5 IPs

2 Countries

28 kBTransfer

76 kBSize

Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

Cookies

1 Console Messages

Security Headers

Indicators

so-gr3at3.com Open in urlscan Pro
136.243.249.75 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

92 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

28 kB
Transfer

76 kB
Size

12 HTTP transactions
0 data transactions